Behavioral task
behavioral1
Sample
36b025c06f80d921ce9e955cb37e60e9_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
36b025c06f80d921ce9e955cb37e60e9_JaffaCakes118
-
Size
640KB
-
MD5
36b025c06f80d921ce9e955cb37e60e9
-
SHA1
6a25d11873a4f9f8812574fa71855b67bf9407fe
-
SHA256
2990f323995bbfdd40ce90c83c55d458504287816407426fc14609bace21ff97
-
SHA512
e1f10f8d8198435eb63edc507e7e02200f535d4417fafd88e1e9aa2e2fe3ad51a8420bff6d005df143d68aee63c88214e152bcbc138d5eaf9134ca5a85ae486d
-
SSDEEP
12288:4cD66hbVf2GFNT0X8rQvhsEhLLQMoAMHVB66EYAUTS9D/ksSzARo:4kt2GF+XfvFVLQrBzTaDMsAARo
Malware Config
Signatures
-
Cybergate family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 36b025c06f80d921ce9e955cb37e60e9_JaffaCakes118
Files
-
36b025c06f80d921ce9e955cb37e60e9_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 1024B - Virtual size: 544B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 8B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 587KB - Virtual size: 587KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ